Overview

overview

8

Static

static

1

d221ac10e3...a8.exe

windows7-x64

8

d221ac10e3...a8.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d221ac10e3b4e429446bf15a62b5b3a8.exe

  • Size

    763KB

  • Sample

    230320-cc9t2abc78

  • MD5

    d221ac10e3b4e429446bf15a62b5b3a8

  • SHA1

    59caf74f5cc70be83d12041aaade852e363a98b7

  • SHA256

    bce69d0babad72cc18629d49cc961e5ce26ce6667a6039ec0de143ddb3e74eb6

  • SHA512

    4efe44f9a2e792341f6f6f2efa312fcb93c409e31ad9b56e02302a9af7da2428272277c247bb1b2265a126c60480f7075977b23af3dd2b36839917e4d957e8c2

  • SSDEEP

    12288:EV0I5pELAkEnBZn8p4YASa/RLIGZxNHXumdFhKNyo6bGyTkHtMBtEmmgbCAJmMVH:EV0IwHCt8CfZRLIGZxHWR6aA0+BifMPv

Score
8/10
spywarestealer

Malware Config

Targets

    • Target

      d221ac10e3b4e429446bf15a62b5b3a8.exe

    • Size

      763KB

    • MD5

      d221ac10e3b4e429446bf15a62b5b3a8

    • SHA1

      59caf74f5cc70be83d12041aaade852e363a98b7

    • SHA256

      bce69d0babad72cc18629d49cc961e5ce26ce6667a6039ec0de143ddb3e74eb6

    • SHA512

      4efe44f9a2e792341f6f6f2efa312fcb93c409e31ad9b56e02302a9af7da2428272277c247bb1b2265a126c60480f7075977b23af3dd2b36839917e4d957e8c2

    • SSDEEP

      12288:EV0I5pELAkEnBZn8p4YASa/RLIGZxNHXumdFhKNyo6bGyTkHtMBtEmmgbCAJmMVH:EV0IwHCt8CfZRLIGZxHWR6aA0+BifMPv

    Score
    8/10
    spywarestealer

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks